From owner-p4-projects@FreeBSD.ORG  Fri Oct 19 10:59:05 2007
Return-Path: <owner-p4-projects@FreeBSD.ORG>
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id B809416A41B; Fri, 19 Oct 2007 10:59:05 +0000 (UTC)
Delivered-To: perforce@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 64DD016A417
	for <perforce@freebsd.org>; Fri, 19 Oct 2007 10:59:05 +0000 (UTC)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 5C2DE13C45D
	for <perforce@freebsd.org>; Fri, 19 Oct 2007 10:59:05 +0000 (UTC)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.1/8.14.1) with ESMTP id l9JAx5tD005042
	for <perforce@freebsd.org>; Fri, 19 Oct 2007 10:59:05 GMT
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.14.1/8.14.1/Submit) id l9JAx5Jv005039
	for perforce@freebsd.org; Fri, 19 Oct 2007 10:59:05 GMT
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Date: Fri, 19 Oct 2007 10:59:05 GMT
Message-Id: <200710191059.l9JAx5Jv005039@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	bb+lists.freebsd.perforce@cyrus.watson.org using -f
From: Robert Watson <rwatson@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Cc: 
Subject: PERFORCE change 127768 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Oct 2007 10:59:06 -0000

http://perforce.freebsd.org/chv.cgi?CH=127768

Change 127768 by rwatson@rwatson_zoo on 2007/10/19 10:58:41

	Integrate latest OpenBSM code into audit3 branch.

Affected files ...

.. //depot/projects/trustedbsd/audit3/contrib/openbsm/HISTORY#22 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditreduce/auditreduce.c#13 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/praudit/praudit.c#8 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/etc/audit_class#7 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/etc/audit_event#23 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_event.c#12 integrate
.. //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_io.c#26 integrate

Differences ...

==== //depot/projects/trustedbsd/audit3/contrib/openbsm/HISTORY#22 (text+ko) ====

@@ -1,3 +1,10 @@
+OpenBSM 1.0
+
+- Fix bug in auditreduce(8) which resulted in a memory fault/crash when
+  the user specified an event name with -m.
+- Remove AU_.* hard-coded audit class constants, as udit classes are now
+  entirely dynamically configured using /etc/security/audit_class.
+
 OpenBSM 1.0 alpha 15
 
 - Fix bug when processing in_addr_ex tokens.
@@ -295,4 +302,4 @@
   to support reloading of kernel event table.
 - Allow comments in /etc/security configuration files.
 
-$P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/HISTORY#21 $
+$P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/HISTORY#22 $

==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditreduce/auditreduce.c#13 (text+ko) ====

@@ -26,7 +26,7 @@
  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditreduce/auditreduce.c#12 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/auditreduce/auditreduce.c#13 $
  */
 
 /* 
@@ -722,7 +722,6 @@
 				if (n == NULL)
 					usage("Incorrect event name");
 				p_evtype = *n;
-				free(n);
 			}
 			SETOPT(opttochk, OPT_m);
 			break;

==== //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/praudit/praudit.c#8 (text+ko) ====

@@ -27,7 +27,7 @@
  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/praudit/praudit.c#7 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/bin/praudit/praudit.c#8 $
  */
 
 /*
@@ -107,6 +107,7 @@
 		free(buf);
 		if (oneline)
 			printf("\n");
+		fflush(stdout);
 	}
 	return (0);
 }

==== //depot/projects/trustedbsd/audit3/contrib/openbsm/etc/audit_class#7 (text+ko) ====

@@ -1,9 +1,7 @@
 #
-# $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/etc/audit_class#6 $
+# $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/etc/audit_class#7 $
 # $FreeBSD: src/contrib/openbsm/etc/audit_class,v 1.2 2006/03/26 01:44:35 rwatson Exp $
 #
-# This file must match audit.h
-#
 0x00000000:no:invalid class
 0x00000001:fr:file read
 0x00000002:fw:file write

==== //depot/projects/trustedbsd/audit3/contrib/openbsm/etc/audit_event#23 (text+ko) ====

@@ -1,7 +1,13 @@
 #
-# $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/etc/audit_event#22 $
+# $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/etc/audit_event#23 $
 # $FreeBSD: src/contrib/openbsm/etc/audit_event,v 1.8 2007/07/22 12:20:42 rwatson Exp $
 #
+# The mapping between event identifiers and values is also hard-codedd in
+# audit_kevents.h and audit_uevents.h, so changes must occur in both places,
+# and programs, such as the kernel, may need to be recompiled to recognize
+# those changes.  It is advisable not to change the numbering or naming of
+# kernel audit events.
+#
 0:AUE_NULL:indir system call:no
 1:AUE_EXIT:exit(2):pc
 2:AUE_FORK:fork(2):pc
@@ -438,7 +444,7 @@
 43097:AUE_ACL_SET_LINK:acl_set_link(2):fm
 43098:AUE_ACL_DELETE_LINK:acl_delete_link(2):fm
 43099:AUE_ACL_CHECK_LINK:acl_aclcheck_link(2):fa
-43100:AUE_SYSARCH:sysarch(2):na
+43100:AUE_SYSARCH:sysarch(2):ot
 43101:AUE_EXTATTRCTL:extattrctl(2):fm
 43102:AUE_EXTATTR_GET_FILE:extattr_get_file(2):fa
 43103:AUE_EXTATTR_SET_FILE:extattr_set_file(2):fm

==== //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_event.c#12 (text+ko) ====

@@ -27,7 +27,7 @@
  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_event.c#11 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_event.c#12 $
  */
 
 #include <bsm/libbsm.h>
@@ -83,11 +83,11 @@
 	 */
 	if (evclass != NULL) {
 		if (getauditflagsbin(evclass, &evmask) != 0)
-			e->ae_class = AU_NULL;
+			e->ae_class = 0;
 		else
 			e->ae_class = evmask.am_success;
 	} else
-		e->ae_class = AU_NULL;
+		e->ae_class = 0;
 
 	return (e);
 }

==== //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_io.c#26 (text+ko) ====

@@ -32,7 +32,7 @@
  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  *
- * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_io.c#25 $
+ * $P4: //depot/projects/trustedbsd/audit3/contrib/openbsm/libbsm/bsm_io.c#26 $
  */
 
 #include <sys/types.h>
@@ -3873,14 +3873,14 @@
  * zonename                     size bytes;
  */
 static int
-fetch_zonename_tok(tokenstr_t *tok, char *buf, int len)
+fetch_zonename_tok(tokenstr_t *tok, u_char *buf, int len)
 {
 	int err = 0;
 
 	READ_TOKEN_U_INT16(buf, len, tok->tt.zonename.len, tok->len, err);
 	if (err)
 		return (-1);
-	SET_PTR(buf, len, tok->tt.zonename.zonename, tok->tt.zonename.len,
+	SET_PTR((char *)buf, len, tok->tt.zonename.zonename, tok->tt.zonename.len,
 	    tok->len, err);
 	if (err)
 		return (-1);